Closed johnhtodd closed 9 months ago
I think your problem is not related to the pipeline_mode branch.
If your copy/paste is correct, I see an indentation issue in your configuration. The transforms section in your stanza blocks-geotag should be at the same level as dnsmessage.
DNScollector does not raise an error when unknown keys are present in YAML config file. I will look into improving that.
You're right. I'll try to fix that. I am not really a big fan of spaces driving configuration, but I understand that's the way it is so I'll just grumble and look more closely at where my cursor is on the screen. Having error outputs would be useful as it could flag those things, yes - that is already a problem that has cost me quite a bit of time and I'm not even in a production environment. Another method to allow checking would be to have a "pre-flight" parser that checked the configs (Prometheus does this, as an example, with "promtool check config") and at least validated them for correctness.
Yes, false alarm - this works fine after indentation repair.
The -test-config
argument is available to do a dry run. I see that the documentation needs to be updated as well.
This option has been added by @pieterlexis-tomtom
$ go run . -test-config
INFO: 2023/12/23 14:53:35.522232 main - config OK!
PR #523 in progress to improve this part.
New function has been added to detect invalid configuration.
completed via #523
This is using the pipeline_mode branch.
Describe the bug Transformations do not seem to be working in some circumstances. Either that, or my regexp is poor for the matching criteria and there is a bug in the "drop-unmatched" logic. Either way, something is wrong. :-)
Expected behavior I expect the IP address anonymization to be applied, GeoIP data to be attached, and tag data to be attached to the packet. If my regexp is incorrectly formatted, I would expect no data at all to show up in the blocks.log file since I am applying "drop-unmatched" as the policy.
Additional context
Here is the config file snippet. I have other ports active in this configuration file doing other processing, and the "prom" prometheus stanza is excluded.
Here is an example of the data in the /tmp/blocks.log file (after parsing via jq) - missing tags and geoip data and has full IP address of client: